Method, system and program product for verifying an attachment file within an e-mail

ABSTRACT

System, method and program product for managing a file attached to an e-mail. The attached file&#39;s file name is obtained. A voice message file address is received and encoded into a modified address to comply with file naming rules of a recipient computer. A composite file name results from inserting the modified address into the attached file&#39;s file name and is displayed in the e-mail. The recipient computer extracts the modified address from the composite file name in the e-mail and decodes the modified address to obtain the voice message file address. Using the voice message file address, the recipient computer requests and receives the voice message file. The voice message is analyzed and verified prior to accessing the attached file. Verifying the voice message includes comparing a voice of the voice message to a voice signature.

This application is a continuation application claiming priority to Ser. No. 11/109,321, filed Apr. 19, 2005.

BACKGROUND OF THE INVENTION

The present invention relates generally to e-mail, and more specifically to a technique to verify authenticity of a file attached to an e-mail.

Electronic mail or “e-mail” is well known today. It is typically sent over the Internet, and received and displayed by a recipient's web browser. An e-mail may also include a file attachment. The file attachment is typically displayed as an icon with a name of file adjacent to the icon. If a recipient “clicks on” or otherwise selects the file icon, the recipient's web browser will fetch and open the file.

Many e-mails are unwanted “spam”, i.e. unsolicited advertisements or messages. The spam e-mail may also include attachment files. The attachment file may contain unwanted or offensive text documents, graphics, pictures, audio, or video information.

A computer virus can also be embedded in a file attached to an e-mail. This is the most common method to “infect” the recipient's computer and other computers across a network. For example, a recipient may receive an e-mail with an attached, infected file including a computer program that can be executed within the recipient's computer system. When an infected file is opened, the computer program executes and may disrupt or incapacitate the recipient's computer by corrupting or deleting important programs and/or data files. While less prevalent in number than “spam”, viruses are more disruptive and costly.

A computer virus, when executed at a recipient computer, may also access information contained in the recipient's address book. Then, the virus may mail a copy of itself as a file attached to an e-mail sent by the recipient, to everyone in the recipient's address book. In such a case, the infected file attachment may appear to originate from someone the (new) recipient knows and trusts. Because such files “apparently come” from a reliable source, the likelihood the infection will be spread by unwitting recipients is greatly increased. In those cases, the recipient may wish to ensure that attached or accessed files have been sent by a trustworthy sender rather than by a hacker, prior to exposing his or her computer system to an infected program file.

Known e-mail systems e.g., U.S. Pat. No. 6,553,341 entitled “Method and apparatus for announcing receipt of an electronic message”, provide the capability to automatically read selected portions of an e-mail by using text-to-speech conversion.

An object of the invention is to provide to a recipient information describing content of a received file attachment, before the recipient opens and accesses the received file.

Another object of the invention is to enable a recipient to verify that a received file has been intentionally sent by a person and not automatically sent by a machine, before the recipient opens and accesses the received file.

Another object of the invention is to enable a recipient to verify the identity of the sender or the author of the received file, before the recipient opens the file.

SUMMARY OF THE INVENTION

The present invention resides in a system, method and program product for managing a file attached to an e-mail. Added to a file name of the attached file is an address or derivation of the address from which a voice message associated with the attached file can be accessed. The file name with the address are displayed in the e-mail adjacent to an icon for the attached file.

In accordance with features of the present invention, the address or derivation of the address can be merged with the file name. This merger can result from inserting the address in front of an extension dot of the file name. The derivation of the address may differ syntactically from the address from which the message can be accessed.

In accordance with another feature of the present invention, the voice message can describe a content of the file.

In accordance with another feature of the present invention, a voice of the voice message can be compared to a voice signature to determine authenticity of the voice message.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a flowchart of a program which renames a file attached to an e-mail, according to the present invention, to include an address of an associated voice message.

FIG. 2 is a flowchart which illustrates in more detail an encoding step 110 of the program of FIG. 1.

FIG. 3 illustrates an e-mail with an attachment named by the program of FIG. 1, according to the present invention.

FIG. 4 is a flowchart of the program of FIG. 1 to rename a file attached to an e-mail to include an address of an associated voice message, and a program within the recipient's computer to fetch and play the voice message.

FIG. 5 illustrates a distributed computer system or computing environment in which the present invention can be implemented and used.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

According to the present invention, an address of an audio file that describes the content of a text, image or other type of file attached to an e-mail is merged with an original name of the attached file. The address of the audio file can be its URL or other address. The audio record can be used to learn the general subject or content of the attached file and verify the origin or author of the attached file before the attached file is opened. When merging the address of the audio file with the original name of the attached file, the address of the audio file may be modified in form to avoid syntax, characters or symbols that are forbidden by the nomenclature of the file system naming rules. For example, the symbol “\” is not permitted in the naming rules for files supported by the Microsoft Windows operating system. (“Windows” is a Trademark of Microsoft Corporation). The address of the audio file may also be modified to reduce its length when needed to comply with the file system naming rules. Addresses to be encoded may be of any forms e.g., local addresses, addresses in private networks or Internet addresses. However, for sake of illustration, the examples given in the following description are based on URL type of addresses. The address of the voice message can be merged with the original file name regardless of whether the file is a type to be transmitted from a server to a user device or a type to be locally saved or transmitted to another system.

The present invention will now be described in detail with reference to the figures. FIGS. 1 and 2 illustrate a voice or audio message address encoding program 90 to merge an address of a voice message with an original name of a file 170 (described by the voice message). The file may be attached to an e-mail sent by a sender from a sender computer 300, and received by a mail server 315 via the Internet 305 en route to a recipient computer 310 via the Internet. The program 90 can reside in the sender computer 300 which includes a CPU 10, operating system 12, RAM 14, ROM 16, disk storage 18 and TCP/IP card 20 to interface the sender computer 300 to Internet 305, as illustrated in FIG. 5. A related voice or audio message address decoding program 190 can reside in the recipient computer 310 which includes a CPU 30, operating system 32, RAM 34, ROM 36, disk storage 38, web browser 42 and TCP/IP card 40 to interface the sender computer 300 to Internet 305, as illustrated in FIG. 5. As shown in FIG. 1, program 90 extracts or reads the original name of the file 170 selected by the user/sender for inclusion in the e-mail (step 100). Typically, the original or primary name indicates the general subject or title of the file, and possibly the author of the file (but not the address of the associated voice message). The user/sender can also record an audio message file and send it to the voice server 205 for storage. The voice server 205 will return to computer 300 the URL address of the audio message file associated with the file (step 105). The voice message provides a summary or description of the file and can also be used to verify the origin of the file. Then, program 90 encodes or modifies the voice message address, if needed to comply with file naming rules of the recipient computer (step 110), and merges the encoded or modified voice message address with the primary filename of the file, using predetermined separators (step 115). The “separators” can be parenthesis. Program 90 then renames the file, as it appears in the e-mail as an icon/attachment, with the merged primary filename and the encoded or modified voice message address (step 120).

FIG. 2 provides more detail of the foregoing modifying or encoding step 110. Program 90 sets a variable “i” to “zero” (step 125) and extracts the i^(th) character from the voice message address string (step 130). Then, program 90 performs a test to determine whether the extracted character is valid or otherwise forbidden by file naming, for example, syntax, rules imposed by the file system of the recipient's computer (step 135). If the extracted character is a valid character under the file naming rules, variable “i” is incremented by one (step 150) and program 90 performs a test to determine if variable “i” has reached its maximum value that is, if all characters of the voice message address string have already been processed (step 155). If variable “i” has not yet reached its maximum value, program 90 repeats the last four steps of the algorithm (steps 130 to 150). Otherwise, if variable “i” has reached its maximum value, the process is stopped. If the character extracted from the voice message address string is forbidden by the file naming, for example, syntax, rules, program 90 selects a corresponding valid character, or group of characters, in a lexicography table 145. Then, program 90 replaces the invalid character with the corresponding, valid character, or group of characters (step 140). Then, program 90 increments variable “i” by one and performs the same test described above to determine if variable “i” has reached its maximum value.

As an example of use of program 90, consider the case of an image file attachment with original or primary name “Berry-January.jpg”. In this example, the image file has JPEG format. (However, the present invention is useful with other types of files such as text files.) A sender would like to send this image file to a recipient as an e-mail attachment with the voice message address merged with the original or primary file name, with modification or encoding of the voice message address as needed to comply with the recipient's file naming rules. In this example, the lexicography table 145 modifies or encodes the voice message address as follows:

“:” modified or encoded to “..”

“/” modified or encoded to “(”

After the e-mail is received by the recipient, the recipient can obtain an audio summary or description of this file and/or verify the origin of this file, by playing the voice message corresponding to this file. For sake of illustration, the recipient can download the voice message from the following URL:

http://www.messagebay.com/messages/987654321.wav

When the originator of the document “Berry-January.jpg” saves or sends the document, an option such as “Copy path to file” can be selected to encode in the name of the document the URL (or other address) of the voice message. The voice message provides a summary or description of the file and/or verifies the origin of the file. If this option is selected, program 90 modifies the filename according to the algorithm of FIGS. 1 and 2. By using the lexicography table 145, program 90 modifies or encodes the voice message URL address as follows:

http..((www.messagebay.com(messages(987654321.wav

Then, program 90 merges the encoded URL with the original or primary filename. In this example, the encoded URL is enclosed by separators in the form of parenthesis. The encoded URL is inserted in front of the extension dot of the primary filename and before the “.jpg” as follows:

Berry-January(http..((www.messagebay.com(messages(987654321.wav).jpg

Then, program 90 renames the file in the e-mail to this modified filename.

However, it should be understood that the audio message address can be merged in other ways with the file name. For example, program 90 can alternately replace a sequence of forbidden characters by a single one, for example, replacing “//:” by “(”. Also, program 90 may replace some sets of characters with more compact codes, for example, replacing “http://” by “H!”.)

FIG. 3 depicts an e-mail 160 where the original name of attachment file 170 is “Berry-January” and the syntax transformed URL 165 of the voice message address is “http..(www.messagebay.com(messages(987654321.wav). The composite filename includes the original file name merged with the URL 165 of the voice message address in parenthesis, according to the algorithm of FIG. 1.

After receipt of the e-mail 160 with the file attachment 170, the recipient can select to hear the voice message and thereby obtain a summary or a description of the attached file and/or verify the origin of the attached file. The recipient selects to hear the voice message by selecting an option presented by the recipient's audio message handling program 190. In such a case, the recipient's program 190 will extract the voice message address from the composite file name (i.e. original or primary file name merged with the modified or encoded voice message address). Then, the recipient's program 190 will request the recipient's web browser 42 to fetch the voice message from the specified address and upon receipt, play the voice message to the recipient. The recipient's program 190 uses the same table 145 of lexicographic transformations as the one used by the sender program 90 to extract the real voice message address or URL from the composite file name. To that end, certain symbols or groups of symbols of the modified or encoded URL are replaced by symbols or characters that are compatible with URL conventions on the Internet, to request the voice message from the real URL. Using the same example as before, the decoded voice message address is as follows:

http://www.messagebay.com/messages/987654321.wav

Steps 200, 215, 220 and 225 of FIG. 4 illustrate an example of the sender's program 90 encoding the voice message address in the filename of the corresponding, attached file. Steps 230, 235, 240, 245, 250, 255 and 260 of FIG. 4 illustrate an example of the recipient's program 190 and the recipient's web browser program 42 to subsequently extract the voice message address and fetch the voice message file via the Internet. The voice message summarizes or describes the attached file and/or verifies the origin of the attached file, respectively.

When a user at computer 300 saves a file, or if a voice message has not already been associated with a file that has already been saved, and the user wants to send the file attached to an e-mail, the user can invoke program 90 and record a voice message briefly describing the content of the file or characterising the file (step 200). Using program 90, the user/sender then sends the voice message (as an attachment to an e-mail) to a voice server 205 where it is stored as a file in a database 210 of the voice server in association with a URL. The URL which includes the address of voice server 205 and this voice message file. The voice server 205 returns to the program 90 of user/sender computer 300 the voice message address or URL associated with this voice message (step 215). Then, program 90 within the user/sender's computer 300 modifies or encodes this voice message address (step 220), merges it with the original or primary file name and renames the file attachment 170 with the composite file name according to the algorithm described by reference to FIGS. 1, 2 and 3 (step 225). Next, the user sends the e-mail with the renamed file attachment to the recipient via a mail server 315 (shown in FIG. 5).

After receiving an e-mail with the attachment file and the composite name that contains an encoded voice message address, upon request of the recipient to program 190 in computer 310, program 190 extracts and decodes the voice message address (step 230) as described above. Optionally, the recipient can set a parameter of the recipient program 190 to automatically request the voice message address extraction and decoding whenever a voice message address is contained in the file name of an attachment. Then, the program 190 directs the web browser 42 to send a request (including the voice message address) over the Internet to fetch the audio file at the voice message address (step 235). In the illustrated example, this request is sent to voice server 205 which returns the voice message file. After receiving the voice message file (step 240) (if optional steps 245 and 250 are not used), the user can check the content and origin of the file, before opening the file attachment, by listening to and analysing the received voice message (step 255) and then decide whether to open the file attachment (step 260).

The following is a description of optional steps 250 and 255. Voice analysis, based on voice prints, can also be incorporated into the present invention to verify the author (or originator) of the voice message. A voiceprint is a set of measurable characteristics of a human voice that uniquely identifies an individual. These characteristics are based on the physical configuration of a speaker's mouth and throat and can be expressed as a mathematical formula. A voiceprint applies to a vocal sample recorded for that purpose, the derived mathematical formula, and its graphical representation. Voiceprints are currently used in known voice authentication systems, or Voice ID systems, for user authentication.

Known voice ID is a type of user authentication that uses voiceprints and pattern recognition software to verify a speaker. An adaptation of biometrics, voice ID relies on the fact that vocal characteristics, like fingerprints and patterns of people's irises, are unique for each individual. The criteria on which a voice ID system bases decisions are created by the shape of the speaker's mouth and throat, rather than more variable conditions. Because of the relative permanence of the characteristics it measures, the technology is not easily fooled by an attempt to disguise a voice, and is not generally affected by changes that can make a voice sound quite different to the human ear, such as a bad cold or extreme emotion. During enrollment for a voice authentication system, a user's voice is recorded, creating what is called a voiceprint for comparison with samples taken for user identification. To foil attempts to fool the system with a prerecorded voice sample, people may be asked to read or repeat a list of words in random combinations. Voice ID systems have been used in a variety of known security-related applications. Voice authentication products are currently available from a number of vendors.

Known voice biometrics programs create a voice print of the user i.e., a template of the person's unique voice characteristics created when the user enrolls with the system. All subsequent attempts to identify the user require the user to speak, so that their live voice sample may be compared against the prerecorded template. For example, U.S. Pat. No. 6,529,871 by Kanevsky et al. issued to IBM Corporation, entitled “Apparatus and method for speaker verification, identification, classification employing non-acoustic and/or acoustic models and databases” describes such a system.

The known voice biometrics programs can be performed at the recipient's computer, an authentication server (not shown) or voice server 205 automatically or upon request by the recipient, to determine the authenticity of the fetched audio message. To be performed at the recipient's computer, the voice message stored in voice server 205 is associated with downloading parameters corresponding to a voice authentication function and voice print for the audio message file. Thus, when the recipient requests the audio message file from the voice server, the voice server will download not only the voice message file but also the voice authentication function and voice print to allow the recipient computer to perform the voice comparison. Alternately, when the recipient requests the audio message file from the voice server, the voice server will automatically perform the voice comparison, and notify the recipient of the outcome.

Thus, the received voice message can be analysed to extract voice characteristics. Then, the voice characteristics are compared to prerecorded voice characteristics of the assumed sender, stored on a secure server e.g., a server owned by an authentication authority. Thus, step 245 can be included in the verification process in which the voice biometrics program verifies the origin of the audio message file associated with the attached file before the recipient opens the attached file.

If step 245 is included in the verification process, and the voice biometrics program confirms the origin of the attachment file (decision 250, yes branch), then the recipient's program 190 instructs the web browser 42 to play the voice message for the recipient (step 255). Based on the content of the e-mail and voice message and voice print authentication of the voice message, if any, the recipient can decide whether to immediately discard the e-mail and file attachment, whether to open the file attachment or whether to retain the e-mail with the file attachment to open later.

FIG. 5 depicts an example of a distributed computing environment which includes the present invention. For sake of illustration, the main steps of programs 90 and 190 described in FIG. 4 are illustrated with flow diagram arrows in FIG. 5. (Programs 90 and 190 can be loaded into their respective computers 300 and 310 from a computer storage medium such as a magnetic disk, CD ROM, DVD, etc. or downloaded from the Internet via respective TCP/IP adapter cards 20 and 40.) As described above, a user/sender computer 300 is connected to a network 305 such as the Internet, allowing transmission of files as attachments to e-mails or separately. Preferably, a voice server 205 comprising a data base 210 is also connected to network 305 to store the voice messages associated with the transmitted files. When user 300 wants to transmit a file according to the present invention, the user records a voice message summarizing or describing the content of the file. The user then sends the voice message as a file to the voice server 205 and the voice server stores the voice message file and associates it with a URL or other address. The voice server 205 returns the address of the voice message file, and program 90 within the user computer 300 encodes the voice message address and merges it with the original or primary file name of this file according to the algorithms described above. When a recipient at computer 310 receives an e-mail or a message containing this attached file from the user/sender via network 305 and a mail server 315, as illustrated by dotted arrows, the recipient analyzes the filename of the received file to determine whether or not it contains an encoded voice message address. If it contains an encoded voice message address, the recipient requests the recipient computer 310 to extract and decode the voice message address from the composite file name and obtain the voice message stored in the database 210 of the voice server 205 via the network 305.

In another embodiment of the present invention, some characteristics of the sender or author of the attached file are stored in conjunction with the voice message. For example, an electronic address of the sender or the author of the attached file can be associated with the voice message, allowing the recipient to contact him or her if needed. Also, several links to associated documents can be associated with the voice message, allowing the receiver to get further information on the subject of the attachment file before opening it. Also, the voice message can be associated with a URL or the voice authentication function on the voice server. Alternately, the voice message can be associated with downloading parameters to allow the recipient to download a voice authentication function and voice print for the audio message file. The voice authentication function will check the authenticity/origin of the audio message file by comparing some characteristics of the voice message with prerecorded characteristics of the presumed sender or author of this document. 

1. A computer-implemented method of managing a first file attached to an e-mail being sent by a first computing system to a second computing system, said method comprising: obtaining, by said first computing system, a file name of said first file attached to said e-mail; receiving, by said first computing system, an address of a second file that includes a voice message associated with said first file; encoding, by said first computing system and subsequent to said receiving, said address of said second file, wherein said encoding includes modifying said address of said second file to comply with a set of rules for naming files in a file system of said second computing system, and wherein a result of said modifying is a modified address; inserting, by said first computing system and subsequent to said encoding, said modified address into a predefined position within said file name, wherein a result of said inserting is a composite file name that includes said modified address and said file name of said first file; and displaying, by said first computing system and subsequent to said inserting, said composite file name in said e-mail, wherein said displaying includes naming an indication of said first file in said e-mail as said composite file name.
 2. The method of claim 1, wherein said inserting said modified address into said predefined position includes inserting said modified address in front of an extension dot of said file name.
 3. The method of claim 1, wherein said receiving said address of said second file includes receiving a Uniform Resource Locator (URL) of said second file, and wherein said modifying said address of said second file includes modifying said URL, and wherein said modifying said URL includes: replacing a colon character in said URL with a first set of one or more replacement characters, and replacing a forward slash character in said URL with a second set of one or more replacement characters, wherein said first set of one or more replacement characters is different from said second set of one or more replacement characters, and wherein said modified address includes said first set of one or more replacement characters and said second set of one or more replacement characters.
 4. The method of claim 1, wherein said receiving said address of said second file includes receiving a Uniform Resource Locator (URL) of said second file, wherein said modifying said address of said second file includes modifying said URL, and wherein said modifying said URL includes replacing a set of characters in said URL with one or more replacement characters, wherein said set of characters includes a sequence of three characters ://, and wherein said modified address includes said one or more replacement characters.
 5. The method of claim 1, wherein said voice message includes a description of a content of said first file.
 6. The method of claim 1, wherein said voice message includes an indication of an author of said first file.
 7. The method of claim 1, wherein said displaying said composite file name in said e-mail further includes displaying said composite file name adjacent to an icon that indicates said first file.
 8. The method of claim 1, further comprising a recipient of said e-mail downloading and playing said voice message.
 9. A computing system comprising a processor coupled to a computer-readable memory unit, said memory unit comprising a software application, said software application comprising instructions that when executed by said processor implement the method of claim
 1. 10. A computer program product, comprising a computer-usable medium having a computerreadable program code embodied therein, said computer-readable program code containing instructions that when executed by a processor of a first computing system implement a method of managing a first file attached to an e-mail being sent by said first computing system to a second computing system, said method comprising: obtaining a file name of said first file attached to said e-mail; receiving an address of a second file that includes a voice message associated with said first file; encoding, subsequent to said receiving, said address of said second file, wherein said encoding includes modifying said address of said second file to comply with a set of rules for naming files in a file system of said second computing system, and wherein a result of said modifying is a modified address; inserting, subsequent to said encoding, said modified address into a predefined position within said file name, wherein a result of said inserting is a composite file name that includes said modified address and said file name of said first file; and displaying, subsequent to said inserting, said composite file name in said e-mail, wherein said displaying includes naming an indication of said first file in said e-mail as said composite file name.
 11. The program product of claim 10, wherein said inserting said modified address into said predefined position includes inserting said modified address in front of an extension dot of said file name.
 12. A computer-implemented method of authenticating a first file attached to an e-mail, said method comprising: receiving, from a first computing system and by a second computing system, said e-mail with said first file attached thereto, wherein said e-mail includes a composite file name that is a composite of a file name of said first file and an encoded address, wherein said encoded address is a string of characters that complies with a set of rules for naming files in a file system of said second computing system; extracting, by said second computing system and subsequent to said receiving said e-mail, said encoded address from said composite file name; decoding, by said second computing system and subsequent to said extracting, said encoded address, wherein a result of said decoding is an address of a second file, and wherein said second file includes a voice message associated with said first file; sending, by said second computing system and subsequent to said decoding, a request to fetch said second file from a computing data storage device, wherein said request includes said address of said second file; receiving, by said second computing system and subsequent to said sending, said second file; presenting, by said second computing system, to a recipient of said e-mail, and subsequent to said receiving said second file, said voice message included in said second file, wherein said presenting said voice message includes presenting a description of a content of said first file to said recipient; analyzing, in response to said presenting said voice message and prior to any access of said first file by said recipient, said description of said content of said first file; authenticating, subsequent to said receiving said second file and prior to any access of said first file by said recipient, said first file, wherein said authenticating includes verifying that said voice message includes a voice of a sender of said e-mail; and accessing, in response to said analyzing and said authenticating, by said user, and via a link in said e-mail, said first file.
 13. The method of claim 12, wherein said verifying that said voice message includes said voice of said sender includes verifying an identity of said sender of said e-mail prior to said recipient opening said first file via said link in said e-mail.
 14. The method of claim 12, wherein said decoding includes: determining that a first set of one or more characters in said encoded address is associated with a second set of one or more characters included in said address of said second file based on a table of lexicographic transformations; and replacing, in response to said determining, said first set of one or more characters in said encoded address with said second set of one or more characters included in said address of said second file, wherein said first set of one or more characters complies with a set of rules for naming files in a file system of said second computing system, and wherein said second set of one or more characters does not comply with said set of rules for naming files.
 15. The method of claim 14, wherein said second set of one or more characters complies with a set of rules for naming a Uniform Resource Locator address.
 16. The method of claim 12, further comprising detecting, by said second computing system, that said encoded address is included in said composite file name, wherein said extracting is performed automatically in response to said detecting.
 17. The method of claim 12, wherein said authenticating includes comparing said voice included in said voice message to a voice signature of said sender to determine that said voice message is authentic.
 18. The method of claim 17, wherein said authenticating further includes downloading a voice authentication program and a voice signature to said second computing system, wherein said comparing is performed by said voice authentication program.
 19. A computing system comprising a processor coupled to a computer-readable memory unit, said memory unit comprising a software application, said software application comprising instructions that when executed by said processor implement the method of claim
 12. 20. A computer program product, comprising a computer-usable medium having a computer-readable program code embodied therein, said computer-readable program code comprising an algorithm adapted to implement the method of claim
 12. 